1

Discussion of “Computer-Assisted Tools for Auditing XBRL-

Related Documents”

Symposium on Information Integrity & Information Systems Assurance

David PlumleeUniversity of Utah

How to Spend a Saturday Afternoon

2

Significance and Contribution

Significance of the question Assurance in XBRL-related documents is inevitable Conducting the procedures manually is tedious and

not fully reliable Contributions

Lays out a set of a assurance objectives Describes software that assists auditors (and others)

in meeting the assurance objectives Some insights into the XBRL knowledge of a limited

number of members of the Information Systems Audit and Control Association

3

Assurance Objective – Internal Control

To determine whether the controls over the creation of the XBRL-related document are operating effectively (and efficiently)

Do we care whether they are efficient? We would benefit from some details about how

XBRL-related controls would be assessed. In the US, what happens when the tagging

process is integrated into the financial reporting system? (in the case no reliance was placed of controls)

4

Other Assurance Objectives

Suitability – “appropriateness” is in the eye of the beholder For example, the client feels that

“OperatingExpensesWithCOGS” in their taxonomy extension is sufficiently different from “OperatingExpenses” in the official taxonomy

There needs to be a more objective criterion for suitability.

Accuracy – how do you apply “in all material respects” to the XBRL setting where tagged facts can be extracted from EDGAR in isolation?

5

Man versus Machine

6

• Assess validity• Graphically represent

- systematic structure - XBRL taxonomy

• Render elements• Map business facts to the XBRL-tagged data • Determine whether documents have required information

• Assess the appropriateness of the elements• Determine whether “similar” elements are created in extension taxonomies• Determine that the instance document does not contain information not in the official filing• Determine that the same taxonomies and rules were applied to create context information

The Role of Rendering

In a world where individual items are extracted by users from a database like EDGAR, is rendering the right tool for the auditor? Will rendering reveal intentionally wrong tags? Will rendering lead to a false confidence in the

correctness of the tags? Is fatigue in “ocular analysis” an issue?

Should there be standards for rendering software that make it easier for preparers, users and auditors?

7

What Else Can Be Automated?

Focus on exceptions Same tag in multiple instances Compare contexts for common tags Industry-based templates focusing on

“standard items” Standard disclosures; e.g., Pension footnote

More easily analyzed by software agents Semantic languages and tools that exploit

intelligent reasoning

8

Is there a role for risk assessments?

Can the auditor use the risk of mis-tagging to reduce the number of tags that must be evaluated in detail on a given engagement? Items tagged on a basis consistent with last year? Amounts that even if 100% wrong would be immaterial

by financial audit guidelines. Will the proposed process detect intentional mis-

tagging? Are the results of XBRL internal control

evaluations useful in designing the “substantive” tagging procedures?

9

Workshop Participants’ Opinions on XBRL-related Assurance

What information was gathered? What questions were asked? How were the scales labeled? What were the ranges (may be Std.

Deviations) of the responses? Are there demographic variables that

explain variation in the knowledge ratings or the rankings?

Are other populations interesting/relevant?

10

Conclusions

Professors Boritz and No are ahead of the regulators who have been reluctant to mandate assurance on XBRL-related documents.

XBRL Audit Assistant points out the current advantages and limitations of computer technology in the XBRL assurance setting.

There are serious limitations in the knowledge of professionals who will be called on to provide XBRL assurance.

11